The 7 Most Common Phishing Attacks to Guard Against

Phishing is still the most popular attack tied to millions of cases of data theft, identity theft, and online fraud. Most cybersecurity attacks begin with a simple phishing email? Gmail reportedly blocks 100 million phishing attempts daily, but many of them are still getting though to your and your colleagues.

Cybercriminals target basic human psychology with the following techniques to orchestrate an attack:

TOO GOOD TO BE TRUE: An eye-catching scam like “You’ve been selected! Free Gift Card Alert!” or “Win $500 Today!” often lures victims into clicking on the offer.

HYPERLINKS: Fraudulent URLs, that look very similar to legitimate links, are really disguising harmful links. Often the link will appear like it is coming from someone within your organization or a partner company.

SENSE OF URGENCY: A common tactic for attackers is to press users to act immediately or they may miss out. Verbiage includes “Only 30 minutes left for this offer!” or “Hurry! Your password has expired, reset it now so you don’t get locked out forever.” 

ATTACHMENTS: Cybercriminals use fear to lure people to click on attachments or pictures. A popular attack includes an email urging the recipient to click on the attachments to reveal embarrassing photos of themselves. Curiosity about the photos often drives people to clicks on the attachment.  

SMS PHISHING: SMS (text message) phishing scams have a 200% higher response rate than email attacks. Be suspicious of any unusual link or message on your SMS feed.

SPEAR PHISHING: This form of phishing targets companies as a whole. Phishers collect data and contact information across the organization and craft phishing scams to targets the company. It is not unusual for an entire team to receive a company-wide request to click a link and take action (complete a survey for example) Studies show most people will click the link without questioning it, especially if other team members received the same email.

It is far easier to prevent an attack than it is to recover from one. Training yourself and your users on good cyber practices helps your team make smarter security decisions every day. And like training for a sport or an event, the more you do it the better you are. 

Be sure to follow us on Instagram for more cybersecurity facts and tips.  Today is your day to get your personal cybersecurity measures in order.